HomePentest-Tools.com Logo

Bacula-Web < 8.0.0-RC2 SQL Injection Vulnerability CVE-2017-15367

Severity
CVSSv3 Score
9.8
Vulnerability description

Bacula-web before 8.0.0-rc2 is affected by multiple SQL Injection vulnerabilities that could allow an attacker to access the Bacula database and, depending on configuration, escalate privileges on the server.

Risk description
Not available
Recommendation

Update to version 8.0.0-rc2 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Mar 7, 2018
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available